mirror of https://github.com/zcash/zips.git
Specify the range of j when generating diversifiers.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
This commit is contained in:
parent
b3c051eb4f
commit
6f85acb9b1
|
@ -199,7 +199,7 @@ The 88-bit diversifiers for a Sapling extended key are derived from its diversif
|
||||||
In order to reach the maximum possible diversifier range without running into the birthday bound, we use
|
In order to reach the maximum possible diversifier range without running into the birthday bound, we use
|
||||||
FF1-AES256 as a Pseudo-Random Permutation as follows:
|
FF1-AES256 as a Pseudo-Random Permutation as follows:
|
||||||
|
|
||||||
- Let *j* be the index of the desired diversifier.
|
- Let *j* be the index of the desired diversifier, in the range 0 .. 2\ :sup:`88`\ -1.
|
||||||
- *d*\ :sub:`i,j` = FF1-AES256.Encrypt(*dk*\ :sub:`i`\ , "", I2LEBSP\ :sub:`88`\ (*j*))
|
- *d*\ :sub:`i,j` = FF1-AES256.Encrypt(*dk*\ :sub:`i`\ , "", I2LEBSP\ :sub:`88`\ (*j*))
|
||||||
|
|
||||||
The default diversifier for a Sapling extended key is defined to be *d*\ :sub:`i,0`\ .
|
The default diversifier for a Sapling extended key is defined to be *d*\ :sub:`i,0`\ .
|
||||||
|
|
Loading…
Reference in New Issue